Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qubes-rpc: fix issues found by shellcheck

Browse Source 
Most of them are missing quotes, `` -> $(), and -o/-a usage in
conditions. Also add few directives disabling checks where were too
verbose.
This commit is contained in:
Marek Marczykowski-Górecki 2017-09-30 04:45:31 +02:00
parent bb220ce2eb
commit 9c839d789f
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
21 changed files with 90 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
qrexec/qubes-rpc-multiplexer
View File

@ -18,7 +18,7 @@ QUBES_RPC=/etc/qubes-rpc
LOCAL_QUBES_RPC=/usr/local/etc/qubes-rpc LOCAL_QUBES_RPC=/usr/local/etc/qubes-rpc
if ! [ $# = 2 ] ; then if ! [ $# = 2 ] ; then
echo $0: bad argument count, usage: $0 SERVICE-NAME REMOTE-DOMAIN-NAME >&2 echo "$0: bad argument count, usage: $0 SERVICE-NAME REMOTE-DOMAIN-NAME" >&2
exit 1 exit 1
fi fi
export QREXEC_REMOTE_DOMAIN="$2" export QREXEC_REMOTE_DOMAIN="$2"

25
qubes-rpc/prepare-suspend
View File

@ -8,10 +8,10 @@ action=$1
MODULES_BLACKLIST="" MODULES_BLACKLIST=""
if [ -r /etc/qubes-suspend-module-blacklist ]; then if [ -r /etc/qubes-suspend-module-blacklist ]; then
MODULES_BLACKLIST="$MODULES_BLACKLIST `grep -v '^#' /etc/qubes-suspend-module-blacklist`" MODULES_BLACKLIST="$MODULES_BLACKLIST $(grep -v '^#' /etc/qubes-suspend-module-blacklist)"
fi fi
if [ -r /rw/config/suspend-module-blacklist ]; then if [ -r /rw/config/suspend-module-blacklist ]; then
MODULES_BLACKLIST="$MODULES_BLACKLIST `grep -v '^#' /rw/config/suspend-module-blacklist`" MODULES_BLACKLIST="$MODULES_BLACKLIST $(grep -v '^#' /rw/config/suspend-module-blacklist)"
fi fi
if [ x"$action" = x"suspend" ]; then if [ x"$action" = x"suspend" ]; then
@ -23,23 +23,28 @@ if [ x"$action" = x"suspend" ]; then
service NetworkManager stop service NetworkManager stop
fi fi
# Force interfaces down, just in case when NM didn't done it # Force interfaces down, just in case when NM didn't done it
for if in `ls /sys/class/net|grep -v "lo\|vif"`; do for intf in /sys/class/net/*; do
if [ "`cat /sys/class/net/$if/device/devtype 2>/dev/null`" = "vif" ]; then intf=$(basename "$intf")
if [ "$intf" = "lo" ] || [[ "$intf" = "vif"* ]]; then
continue continue
fi fi
ip l s $if down if [ "$(cat "/sys/class/net/$intf/device/devtype" 2>/dev/null$)" = "vif" ]; then
continue
fi
ip l s "$intf" down
done done
LOADED_MODULES="" LOADED_MODULES=""
for mod in $MODULES_BLACKLIST; do for mod in $MODULES_BLACKLIST; do
if lsmod |grep -q $mod; then if lsmod |grep -q "$mod"; then
LOADED_MODULES="$LOADED_MODULES $mod" LOADED_MODULES="$LOADED_MODULES $mod"
modprobe -r $mod modprobe -r "$mod"
fi fi
done done
echo $LOADED_MODULES > /var/run/qubes/suspend-modules-loaded echo "$LOADED_MODULES" > /var/run/qubes/suspend-modules-loaded
else else
for mod in `cat /var/run/qubes/suspend-modules-loaded`; do # shellcheck disable=SC2013
modprobe $mod for mod in $(cat /var/run/qubes/suspend-modules-loaded); do
modprobe "$mod"
done done
if qsvc network-manager ; then if qsvc network-manager ; then
dbus-send --system --print-reply \ dbus-send --system --print-reply \

14
qubes-rpc/qubes.Backup
View File

@ -1,22 +1,22 @@
#!/bin/sh #!/bin/sh
echo Starting Backupcopy echo Starting Backupcopy
read args read -r args
echo Arguments: $args echo Arguments: "$args"
if [ -d "$args" ] ; then if [ -d "$args" ] ; then
echo "Performing backup to directory $args" echo "Performing backup to directory $args"
TARGET="$args/qubes-backup-`date +'%Y-%m-%dT%H%M%S'`" TARGET="$args/qubes-backup-$(date +'%Y-%m-%dT%H%M%S')"
echo "Copying STDIN data to $TARGET" echo "Copying STDIN data to $TARGET"
cat > $TARGET cat > "$TARGET"
else else
echo "Checking if arguments is matching a command" echo "Checking if arguments is matching a command"
COMMAND=`echo $args | cut -d ' ' -f 1` COMMAND=$(echo "$args" | cut -d ' ' -f 1)
if type "$COMMAND"; then if command -v "$COMMAND" >/dev/null; then
echo "Redirecting STDIN to $args" echo "Redirecting STDIN to $args"
# Parsing args to handle quotes correctly # Parsing args to handle quotes correctly
# Dangerous method if args are uncontrolled # Dangerous method if args are uncontrolled
eval "set -- $args" eval "set -- $args"
$@ "$@"
else else
echo "Invalid command $COMMAND" echo "Invalid command $COMMAND"
exit 1 exit 1

4
qubes-rpc/qubes.DetachPciDevice
View File

@ -1,4 +1,4 @@
#!/bin/sh #!/bin/sh
read dev read -r dev
BDF=0000:$dev BDF=0000:$dev
echo $BDF > /sys/bus/pci/devices/$BDF/driver/unbind echo "$BDF" > "/sys/bus/pci/devices/$BDF/driver/unbind"

1
qubes-rpc/qubes.GetAppmenus
View File

@ -1,4 +1,5 @@
#!/bin/sh #!/bin/sh
# shellcheck disable=SC2016
find /usr/share/applications/ /usr/local/share/applications/ -name '*.desktop' -print0 2>/dev/null | \ find /usr/share/applications/ /usr/local/share/applications/ -name '*.desktop' -print0 2>/dev/null | \
xargs -0 awk ' xargs -0 awk '
BEGINFILE { entry="" } BEGINFILE { entry="" }

14
qubes-rpc/qubes.GetImageRGBA
View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
set -e set -e
read filename read -r filename
ICON_MAXSIZE=512 ICON_MAXSIZE=512
@ -29,8 +29,8 @@ if [ "$m" = SVG ]; then
tmpfile2="$(mktemp /tmp/qimg-XXXXXXXX.png)" tmpfile2="$(mktemp /tmp/qimg-XXXXXXXX.png)"
rsvg-convert -o "$tmpfile2" "$filename" rsvg-convert -o "$tmpfile2" "$filename"
# downscale the image if necessary # downscale the image if necessary
if [ -n "$forcemaxsize" -a \ if [ -n "$forcemaxsize" ] && \
\( "$w" -gt "$forcemaxsize" -o "$h" -gt "$forcemaxsize" \) ]; then ( [ "$w" -gt "$forcemaxsize" ] || [ "$h" -gt "$forcemaxsize" ] ); then
convert "$tmpfile2" -scale "${forcemaxsize}x${forcemaxsize}" "$tmpfile2" convert "$tmpfile2" -scale "${forcemaxsize}x${forcemaxsize}" "$tmpfile2"
# read the size again, because icon may not be a square # read the size again, because icon may not be a square
s="$(identify -format '%w %h' "$tmpfile2")" s="$(identify -format '%w %h' "$tmpfile2")"
@ -42,7 +42,11 @@ fi
echo "$w $h" echo "$w $h"
convert -depth 8 -size "${w}x${h}" "$filename" rgba:- convert -depth 8 -size "${w}x${h}" "$filename" rgba:-
[ -n "${tmpfile}" ] && rm -f "${tmpfile}" || true if [ -n "${tmpfile}" ]; then
[ -n "${tmpfile2}" ] && rm -f "${tmpfile2}" || true rm -f "${tmpfile}"
fi
if [ -n "${tmpfile2}" ]; then
rm -f "${tmpfile2}"
fi
# vim: ft=sh ts=4 sw=4 et # vim: ft=sh ts=4 sw=4 et

6
qubes-rpc/qubes.InstallUpdatesGUI
View File

@ -4,13 +4,13 @@
# If you are creating package for other distribution, feel free to replace it # If you are creating package for other distribution, feel free to replace it
# with distribution-specific script. # with distribution-specific script.
if [ -e /etc/redhat-release -a -x /usr/bin/dnf ]; then if [ -e /etc/redhat-release ] && [ -x /usr/bin/dnf ]; then
update_cmd='dnf update --best' update_cmd='dnf update --best'
elif [ -e /etc/redhat-release -a -x /usr/bin/yum ]; then elif [ -e /etc/redhat-release ] && [ -x /usr/bin/yum ]; then
update_cmd='yum update' update_cmd='yum update'
elif [ -e /etc/debian_version ]; then elif [ -e /etc/debian_version ]; then
update_cmd='apt-get update && apt-get -V dist-upgrade' update_cmd='apt-get update && apt-get -V dist-upgrade'
elif [ -e /etc/arch-release -a -x /usr/bin/powerpill ]; then elif [ -e /etc/arch-release ] && [ -x /usr/bin/powerpill ]; then
update_cmd='powerpill -Suy' update_cmd='powerpill -Suy'
elif [ -e /etc/arch-release ]; then elif [ -e /etc/arch-release ]; then
update_cmd='pacman -Suy' update_cmd='pacman -Suy'

2
qubes-rpc/qubes.OpenURL
View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
read url read -r url
case "$url" in case "$url" in
http://*|\ http://*|\

4
qubes-rpc/qubes.ResizeDisk
View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
read disk_name read -r disk_name
set -e set -e
@ -15,7 +15,7 @@ case $disk_name in
head /dev/xvda > /dev/null head /dev/xvda > /dev/null
new_size=$(cat /sys/block/xvda/size) new_size=$(cat /sys/block/xvda/size)
ro=$(/sys/block/xvda/ro) ro=$(/sys/block/xvda/ro)
if [ $ro -eq 1 ]; then if [ "$ro" -eq 1 ]; then
new_table="0 $new_size snapshot /dev/xvda /dev/xvdc2 N 16" new_table="0 $new_size snapshot /dev/xvda /dev/xvdc2 N 16"
else else
new_table="0 $new_size linear /dev/xvda 0" new_table="0 $new_size linear /dev/xvda 0"

28
qubes-rpc/qubes.Restore
View File

@ -1,27 +1,29 @@
#!/bin/sh #!/bin/sh
echo Starting Restorecopy >&2 echo Starting Restorecopy >&2
read args read -r args
read paths read -r paths
echo Arguments: $args >&2 echo "Arguments: $args" >&2
echo Paths: $paths >&2 echo "Paths: $paths" >&2
if [ -f "$args" ] ; then if [ -f "$args" ] ; then
echo "Performing restore from backup file $args" >&2 echo "Performing restore from backup file $args" >&2
TARGET="$args" TARGET="$args"
echo "Copying $TARGET to STDOUT" >&2 echo "Copying $TARGET to STDOUT" >&2
# shellcheck disable=SC2086
/usr/lib/qubes/tar2qfile "$TARGET" $paths /usr/lib/qubes/tar2qfile "$TARGET" $paths
else else
echo "Checking if arguments is matching a command" >&2 echo "Checking if arguments is matching a command" >&2
COMMAND=`echo $args | cut -d ' ' -f 1` COMMAND=$(echo "$args" | cut -d ' ' -f 1)
if type "$COMMAND" >/dev/null; then if command -v "$COMMAND" >/dev/null; then
tmpdir=`mktemp -d` tmpdir=$(mktemp -d)
mkfifo $tmpdir/backup-data mkfifo "$tmpdir/backup-data"
echo "Redirecting $args to STDOUT" >&2 echo "Redirecting $args to STDOUT" >&2
# Parsing args to handle quotes correctly # Parsing args to handle quotes correctly
# Dangerous method if args are uncontrolled # Dangerous method if args are uncontrolled
eval "set -- $args" eval "set -- $args"
# Use named pipe to pass original stdin to tar2file # Use named pipe to pass original stdin to tar2file
$@ > $tmpdir/backup-data < /dev/null & "$@" > "$tmpdir/backup-data" < /dev/null &
/usr/lib/qubes/tar2qfile $tmpdir/backup-data $paths # shellcheck disable=SC2086
/usr/lib/qubes/tar2qfile "$tmpdir/backup-data" $paths
# Restoration may be terminated earlier because of selected files. This # Restoration may be terminated earlier because of selected files. This
# will be seen as EPIPE to the retrieving process, which may cause retcode # will be seen as EPIPE to the retrieving process, which may cause retcode
# other than 0 in some cases - which would be incorrectly treated as backup # other than 0 in some cases - which would be incorrectly treated as backup
@ -29,9 +31,9 @@ else
# detect if anything wrong with actual data) # detect if anything wrong with actual data)
retcode=$? retcode=$?
wait -n wait -n
rm $tmpdir/backup-data rm "$tmpdir/backup-data"
rmdir $tmpdir rmdir "$tmpdir"
exit $retcode exit "$retcode"
else else
echo "Invalid command $COMMAND" >&2 echo "Invalid command $COMMAND" >&2
exit 2 exit 2

6
qubes-rpc/qubes.SetDateTime
View File

@ -2,9 +2,9 @@
# it is in format of `date -u -Iseconds`, example: 2014-09-29T22:59:21+0000 # it is in format of `date -u -Iseconds`, example: 2014-09-29T22:59:21+0000
# it comes from dom0, so is trusted # it comes from dom0, so is trusted
read timestamp read -r timestamp
timediff=$(( `date -u +'+%Y%m%d%H%M%S'` - `date -u -d "$timestamp" +'+%Y%m%d%H%M%S'` )) timediff=$(( $(date -u +'+%Y%m%d%H%M%S') - $(date -u -d "$timestamp" +'+%Y%m%d%H%M%S') ))
if [ $timediff -le 2 -a $timediff -ge -2 ]; then if [ "$timediff" -le 2 ] && [ "$timediff" -ge -2 ]; then
# don't bother # don't bother
exit 0 exit 0
fi fi

2
qubes-rpc/qubes.StartApp
View File

@ -16,7 +16,7 @@ for dir in $(echo "$XDG_DATA_HOME:$XDG_DATA_DIRS" | tr : ' '); do
if ! [ -d "$dir/applications" ]; then if ! [ -d "$dir/applications" ]; then
continue continue
fi fi
for subdir in $(find $dir/applications -type d | sort); do for subdir in $(find "$dir/applications" -type d | sort); do
if [ -f "$subdir/$app_basename" ]; then if [ -f "$subdir/$app_basename" ]; then
exec qubes-desktop-run "$subdir/$app_basename" exec qubes-desktop-run "$subdir/$app_basename"
fi fi

2
qubes-rpc/qubes.WaitForSession
View File

@ -1,5 +1,5 @@
#!/bin/sh #!/bin/sh
read USERNAME read -r USERNAME
cmd='echo $$ >> /tmp/qubes-session-waiter; [ ! -f /tmp/qubes-session-env ] && exec sleep inf' cmd='echo $$ >> /tmp/qubes-session-waiter; [ ! -f /tmp/qubes-session-env ] && exec sleep inf'
if [ "$(id -un)" = "$USERNAME" ]; then if [ "$(id -un)" = "$USERNAME" ]; then
sh -c "$cmd" 2>/dev/null sh -c "$cmd" 2>/dev/null

5
qubes-rpc/qvm-copy-to-vm
View File

@ -22,7 +22,7 @@ set -e
# #
if [ $# -lt 2 ] ; then if [ $# -lt 2 ] ; then
echo usage: $0 '[--without-progress] dest_vmname file [file]+' echo "usage: $0 [--without-progress] dest_vmname file [file]+"
exit 1 exit 1
fi fi
@ -38,7 +38,8 @@ VM="$1"
shift shift
if [ $PROGRESS_TYPE = console ] ; then if [ $PROGRESS_TYPE = console ] ; then
export FILECOPY_TOTAL_SIZE=$(du --apparent-size -c -- "$@" 2> /dev/null | tail -1 | cut -f 1) FILECOPY_TOTAL_SIZE=$(du --apparent-size -c -- "$@" 2> /dev/null | tail -1 | cut -f 1)
export FILECOPY_TOTAL_SIZE
fi fi
/usr/lib/qubes/qrexec-client-vm "$VM" qubes.Filecopy /usr/lib/qubes/qfile-agent "$@" /usr/lib/qubes/qrexec-client-vm "$VM" qubes.Filecopy /usr/lib/qubes/qfile-agent "$@"

7
qubes-rpc/qvm-copy-to-vm.gnome
View File

@ -24,8 +24,9 @@ SIZE=$(du --apparent-size -c -- "$@" 2>/dev/null | tail -1 | cut -f 1)
export PROGRESS_TYPE=gui export PROGRESS_TYPE=gui
# shellcheck disable=SC2016
/usr/lib/qubes/qrexec-client-vm '$default' qubes.Filecopy /usr/lib/qubes/qfile-agent "$@" | /usr/lib/qubes/qrexec-client-vm '$default' qubes.Filecopy /usr/lib/qubes/qfile-agent "$@" |
(while read sentsize ; do (while read -r sentsize ; do
CURRSIZE=$(($sentsize/1024)) CURRSIZE=$((sentsize / 1024))
echo $((100*$CURRSIZE/$SIZE)) echo $((100 * CURRSIZE / SIZE))
done) | zenity --progress --text="Copying files..." --auto-close done) | zenity --progress --text="Copying files..." --auto-close

13
qubes-rpc/qvm-copy-to-vm.kde
View File

@ -19,21 +19,22 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# #
# #
if type kdialog 2> /dev/null; then if command -v kdialog 2> /dev/null; then
SIZE=$(du --apparent-size -c -- "$@" 2> /dev/null | tail -1 | cut -f 1) SIZE=$(du --apparent-size -c -- "$@" 2> /dev/null | tail -1 | cut -f 1)
REF=$(kdialog --progressbar "Copy progress") REF=$(kdialog --progressbar "Copy progress")
qdbus $REF org.freedesktop.DBus.Properties.Set "" maximum $SIZE qdbus "$REF" org.freedesktop.DBus.Properties.Set "" maximum "$SIZE"
export PROGRESS_TYPE=gui export PROGRESS_TYPE=gui
# shellcheck disable=SC2016
/usr/lib/qubes/qrexec-client-vm '$default' qubes.Filecopy \ /usr/lib/qubes/qrexec-client-vm '$default' qubes.Filecopy \
/usr/lib/qubes/qfile-agent "$@" | /usr/lib/qubes/qfile-agent "$@" |
(while read sentsize ; do (while read -r sentsize ; do
CURRSIZE=$(($sentsize/1024)) CURRSIZE=$((sentsize / 1024))
qdbus $REF org.freedesktop.DBus.Properties.Set "" value $CURRSIZE qdbus "$REF" org.freedesktop.DBus.Properties.Set "" value "$CURRSIZE"
done) done)
qdbus $REF close qdbus "$REF" close
# we do not want a dozen error messages, do we # we do not want a dozen error messages, do we
# if ! [ "x"$agentstatus = xDONE ] ; then # if ! [ "x"$agentstatus = xDONE ] ; then
# kdialog --sorry 'Abnormal file copy termination; see /var/log/qubes/qrexec.xid.log in dom0 for more details' # kdialog --sorry 'Abnormal file copy termination; see /var/log/qubes/qrexec.xid.log in dom0 for more details'

7
qubes-rpc/qvm-move-to-vm.gnome
View File

@ -26,9 +26,10 @@ export PROGRESS_TYPE=gui
set -o pipefail set -o pipefail
set -e set -e
# shellcheck disable=SC2016
/usr/lib/qubes/qrexec-client-vm '$default' qubes.Filecopy /usr/lib/qubes/qfile-agent "$@" | /usr/lib/qubes/qrexec-client-vm '$default' qubes.Filecopy /usr/lib/qubes/qfile-agent "$@" |
(while read sentsize ; do (while read -r sentsize ; do
CURRSIZE=$(($sentsize/1024)) CURRSIZE=$((sentsize / 1024))
echo $((100*$CURRSIZE/$SIZE)) echo $((100 * CURRSIZE / SIZE))
done) | zenity --progress --text="Moving files..." --auto-close done) | zenity --progress --text="Moving files..." --auto-close
rm -rf "$@" rm -rf "$@"

15
qubes-rpc/qvm-move-to-vm.kde
View File

@ -21,26 +21,27 @@
# #
if type kdialog 2> /dev/null; then if type kdialog 2> /dev/null; then
VM=$(kdialog -inputbox "Enter the VM name to send files to:") VM=$(kdialog -inputbox "Enter the VM name to send files to:")
if [ X$VM = X ] ; then exit 0 ; fi if [ "X$VM" = X ] ; then exit 0 ; fi
SIZE=$(du --apparent-size -c -- "$@" 2> /dev/null | tail -1 | cut -f 1) SIZE=$(du --apparent-size -c -- "$@" 2> /dev/null | tail -1 | cut -f 1)
REF=$(kdialog --progressbar "Move progress") REF=$(kdialog --progressbar "Move progress")
qdbus $REF org.freedesktop.DBus.Properties.Set "" maximum $SIZE qdbus "$REF" org.freedesktop.DBus.Properties.Set "" maximum "$SIZE"
export PROGRESS_TYPE=gui export PROGRESS_TYPE=gui
set -o pipefail set -o pipefail
/usr/lib/qubes/qrexec-client-vm $VM qubes.Filecopy \ /usr/lib/qubes/qrexec-client-vm "$VM" qubes.Filecopy \
/usr/lib/qubes/qfile-agent "$@" | /usr/lib/qubes/qfile-agent "$@" |
(while read sentsize ; do (while read -r sentsize ; do
CURRSIZE=$(($sentsize/1024)) CURRSIZE=$((sentsize / 1024))
qdbus $REF org.freedesktop.DBus.Properties.Set "" value $CURRSIZE qdbus "$REF" org.freedesktop.DBus.Properties.Set "" value "$CURRSIZE"
done) done)
# shellcheck disable=SC2181
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
rm -rf "$@" rm -rf "$@"
fi fi
qdbus $REF close qdbus "$REF" close
# we do not want a dozen error messages, do we # we do not want a dozen error messages, do we
# if ! [ "x"$agentstatus = xDONE ] ; then # if ! [ "x"$agentstatus = xDONE ] ; then
# kdialog --sorry 'Abnormal file copy termination; see /var/log/qubes/qrexec.xid.log in dom0 for more details' # kdialog --sorry 'Abnormal file copy termination; see /var/log/qubes/qrexec.xid.log in dom0 for more details'

1
qubes-rpc/qvm-open-in-dvm
View File

@ -25,4 +25,5 @@ if ! [ $# = 1 ] ; then
exit 1 exit 1
fi fi
# shellcheck disable=SC2016
exec qvm-open-in-vm '$dispvm' "$1" exec qvm-open-in-vm '$dispvm' "$1"

1
qubes-rpc/qvm-run-vm
View File

@ -44,6 +44,7 @@ VMNAME="$1"
shift shift
if [ "$VMNAME" = "--dispvm" ] ; then if [ "$VMNAME" = "--dispvm" ] ; then
# shellcheck disable=SC2016
VMNAME='$dispvm' VMNAME='$dispvm'
elif [ "$VMNAME" = "" ] ; then elif [ "$VMNAME" = "" ] ; then
print_usage print_usage

1
qubes-rpc/qvm-sync-clock
View File

@ -18,4 +18,5 @@
# #
# #
# shellcheck disable=SC2016
qrexec-client-vm '$default' qubes.GetDate /usr/lib/qubes/qubes-sync-clock qrexec-client-vm '$default' qubes.GetDate /usr/lib/qubes/qubes-sync-clock